package com.kun.peng.system.rest;

import cn.hutool.core.collection.CollectionUtil;
import com.kun.peng.annotation.rest.AnonymousPostMapping;
import com.kun.peng.system.domain.Dept;
import com.kun.peng.utils.PageUtil;
import com.kun.peng.utils.SecurityUtils;
import com.kun.peng.system.domain.vo.UserPassVo;
import com.kun.peng.system.service.DataService;
import com.kun.peng.system.service.DeptService;
import com.kun.peng.system.service.UserService;
import com.kun.peng.system.service.dto.UserQueryCriteria;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import org.springframework.data.domain.Pageable;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * Created on 2021/11/30.
 *
 * @author xuebaopeng
 * Description
 */
@Api(tags = "用户管理")
@RestController
@RequestMapping("/api/users")
@RequiredArgsConstructor
public class UserController {
    private final PasswordEncoder passwordEncoder;
    private final UserService userService;
    private final DeptService deptService;
    private final DataService dataService;

    @ApiOperation("查询用户")
    @GetMapping
//    @PreAuthorize("@el.check('user:list')")
    public ResponseEntity<Object> query(UserQueryCriteria criteria, Pageable pageable){
        if (!ObjectUtils.isEmpty(criteria.getDeptId())) {
            criteria.getDeptIds().add(criteria.getDeptId());
            // 先查找是否存在子节点
            List<Dept> data = deptService.findByPid(criteria.getDeptId());
            // 然后把子节点的ID都加入到集合中
            criteria.getDeptIds().addAll(deptService.getDeptChildren(data));
        }
        // 数据权限
        List<Long> dataScopes = dataService.getDeptIds(userService.findByName(SecurityUtils.getCurrentUsername()));
        // criteria.getDeptIds() 不为空并且数据权限不为空则取交集
        if (!CollectionUtils.isEmpty(criteria.getDeptIds()) && !CollectionUtils.isEmpty(dataScopes)){
            // 取交集
            criteria.getDeptIds().retainAll(dataScopes);
            if(!CollectionUtil.isEmpty(criteria.getDeptIds())){
                return new ResponseEntity<>(userService.queryAll(criteria,pageable),HttpStatus.OK);
            }
        } else {
            // 否则取并集
            criteria.getDeptIds().addAll(dataScopes);
            return new ResponseEntity<>(userService.queryAll(criteria,pageable),HttpStatus.OK);
        }
        return new ResponseEntity<>(PageUtil.toPage(null,0),HttpStatus.OK);
    }

    @ApiOperation("修改密码")
//    @PostMapping(value = "/updatePass")
    @AnonymousPostMapping(value = "/updatePass")
    public ResponseEntity<Object> updatePass(@RequestBody UserPassVo passVo) throws Exception {
//        String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
//        String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
//        UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
//        if(!passwordEncoder.matches(oldPass, user.getPassword())){
//            throw new BadRequestException("修改失败，旧密码错误");
//        }
//        if(passwordEncoder.matches(newPass, user.getPassword())){
//            throw new BadRequestException("新密码不能与旧密码相同");
//        }
        userService.updatePass("admin",passwordEncoder.encode("123456"));
        return new ResponseEntity<>(HttpStatus.OK);
    }

}
